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PROBLEM TO BE SOLVED: To further safely perform communications. 
SOLUTION: An external terminal device accesses the connection management server of an 
authentication service provider in step S81 to provide identification information for 
authentication service provider. The connection management server makes an 
authentication server perform an authentication processing to acquire local server 
information corresponding to the acquired identification information for authentication 
service provider from an address management server. The connection management server 
supplies supplying data containing the address information of the log in screen of a local 
server, which is generated on the basis of the acquired local server information, to the 
external terminal device in step S107. The external terminal device accesses the local server 



on the basis of the supplying data in step S83. 
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CLAIMS 



[Claim(s)] 

[Claim 1] The 1st information processor which is connected to a network and communicates 
with other information processors, It is the network system which is connected to said 
network and equipped with the 2nd information processor by the information processor 
besides the above which manages connection with said 1st information processor. An address 
selection means to set up the address with which said 1st information processor receives 
access from an information processor besides the above, The 1st supply means which supplies 
the information about said address set up by said address selection means to said 2nd 
information processor, The 1st authentication processing means which attests the 1st 
identification information supplied from the information processor besides the above which 
accessed said address, Based on the authentication result by said 1st authentication 



processing means, it has the connection control means which controls connection with an 
information processor besides the above. Said 2nd information processor The 1st acquisition 
means which acquires the information about said address supplied by said 1st supply means, 
A storage means to memorize the information about said address acquired by said 1st 
acquisition means, A connection-request receptionist means to receive the connection request 
to said 1st information processor supplied by the information processor besides the above, 
The 2nd acquisition means which acquires the 2nd identification information from the 
information processor besides the above which is the demand origin of said connection 
request received by said connection-request reception means, The 2nd authentication 
processing means which attests said 2nd identification information acquired by said 2nd 
acquisition means, The network system characterized by equipping the information processor 
besides the above with which said 2nd identification information was attested by said 2nd 
authentication processing means with the 2nd supply means which supplies the information 
about said address memorized by said storage means corresponding to said 2nd identification 
information. 

[Claim 2] An address selection means to connect with a network, to be other 1st information 
processor and the information processor which communicates, and to set up the address 
which receives access from said other 1st information processor, An address information 
supply means to supply the information about said address set up by said address selection 
means to other 2nd information processor, The information processor characterized by 
having the authentication processing means which attests identification information 
supplied from said other 1st information processor which accessed said address, and the 
connection control means which controls connection with said other 1st information processor 
based on the authentication result by said authentication processing means. 
[Claim 3] Said address selection means is an information processor according to claim 2 
characterized by having a basic address setting-out means to set up said basic address, and a 
connection key setting-out means to perform setting out about said connection key including 
a basic address including the IP address by which the address which receives said access was 
assigned to said information processor, and the connection key constituted by the character 
string of arbitration. 

[Claim 4] Said connection key setting-out means is an information processor according to 
claim 3 characterized by setting up said connection key using the character string of said 
arbitration inputted by said user based on directions of a user. 

[Claim 5] Said connection key setting-out means is equipped with a character string 
generation means to generate the character string of arbitration. Based on directions of said 
user, said connection key is updated for every time amount which said user directs using said 
character string generated by said character string generation means. Said address selection 
means The information about said address is updated using said connection key updated by 



said connection key setting-out means. Said address information supply means The 
information processor according to claim 3 characterized by supplying the information about 
said address updated by said address selection means to said other 2nd information processor. 
[Claim 6] An authentication key acquisition means to acquire the authentication key 
supplied to said other 2nd information processor, An authentication key storage means to 
memorize said authentication key acquired by said authentication key acquisition means, In 
case it connects with said other 2nd information processor, it has further an authentication 
key supply means to supply said authentication key memorized by said storage means to said 
other 2nd information processor. Said authentication key supply means is beforehand 
acquired by said authentication key acquisition means, and said authentication key 
memorized by said storage means is supplied to said other 2nd information processor. Said 
address information supply means is an information processor according to claim 2 
characterized by supplying the information about said address to said other 2nd information 
processor connected based on said authentication key supplied by said authentication key 
supply means. 

[Claim 7] It is the information processor according to claim 2 which is further equipped with 
an identification information storage means to memorize the identification information of the 
user who permits connection, and is characterized by said authentication processing means 
attesting said identification information supplied from said other 1st information processor 
using said identification information memorized by said identification information storage 
means. 

[Claim 8] The information processor according to claim 2 characterized by having further an 
initial entry supply means to supply an initial entry including the information about said 
address to said other 1st information processor. 

[Claim 9] The address selection step which is connected to a network, is the information 
processing approach of other 1st information processor and the information processor which 
communicates, and sets up the address which receives access from said other 1st information 
processor, The address information supply control step which controls supply to other 2nd 
information processor of the information about said address set up by processing of said 
address selection step, The authentication processing step which attests identification 
information supplied from said other 1st information processor which accessed said address, 
The information processing approach characterized by including the connection control step 
which controls connection with said other let information processor based on the 
authentication result by processing of said authentication processing step. 
[Claim 10] The address selection step which is connected to a network, is a program other 1st 
information processor and for the information processors which communicate, and sets up 
the address which receives access from said other 1st information processor, The address 
information supply control step which controls supply to other 2nd information processor of 



the information about said address set up by processing of said address selection step, The 
authentication processing step which attests identification information supplied from said 
other 1st information processor which accessed said address, The record medium with which 
the program which the computer characterized by including the connection control step 
which controls connection with said other 1st information processor based on the 
authentication result by processing of said authentication processing step can read is 
recorded. 

[Claim 11] It is the program which can perform the computer which is connected to a network 
and controls other 1st information processor and the information processor which 
communicates. The address selection step which sets up the address which receives access 
from said other 1st information processor, The address information supply control step which 
controls supply to other 2nd information processor of the information about said address set 
up by processing of said address selection step, The authentication processing step which 
attests identification information supplied from said other 1st information processor which 
accessed said address, The program characterized by including the connection control step 
which controls connection with said other 1st information processor based on the 
authentication result by processing of said authentication processing step. 
[Claim 12] It is the information processor which is connected to a network and manages 
connection with other 2nd information processor by other let information processor. An 
address information acquisition meanB to acquire the information about the address supplied 
from said other 2nd information processor, An address information storage means to 
memorize the information about said address acquired by said address information 
acquisition means, A connection-request receptionist means to receive the connection request 
to said other 2nd information processor supplied by said other 1st information processor, An 
identification information acquisition means to acquire the identification information 
supplied from said other 1st information processor which is the demand origin of said 
connection request received by said connection-request receptionist means, The identification 
information authentication processing means which attests said identification information 
acquired by said identification information acquisition means, To said other 1st information 
processor with which said identification information was attested by said identification 
information authentication processing means The information processor characterized by 
having an address information supply means to supply the information about said address 
memorized by said address information storage meanB corresponding to said identification 
information. 

[Claim 13] An authentication key generation means to generate an authentication key, and 
an authentication key supply means to supply said authentication key generated by said 
authentication key generation means to said other 2nd information processor, An 
authentication key storage means to relate said authentication key generated by said 



authentication key generation means with the information about said other 2nd information 
processor which supplied said authentication key with said authentication key supply means, 
and to memorize it, An authentication key acquisition means to acquire said authentication 
key from said other 2nd information processor, An authentication key authentication means 
to attest said authentication key acquired by said authentication key acquisition means using 
said authentication key memorized by said authentication key storage means, Based on the 
authentication result by said authentication key authentication means, it has further the 
connection control means which controls connection with said other 2nd information 
processor. Said address information acquisition means The information processor according 
to claim 12 characterized by acquiring the information about said address from said other 
2nd information processor connected by control by said connection control means. 
[Claim 14] It is the information processing approach of an information processor of 
connecting with a network and managing connection with other 2nd information processor by 
other 1st information processor. The address information acquisition control step which 
controls acquisition of the information about the address supplied from said other 2nd 
information processor, The address information storage control step which controls the 
output from the storage Bection of the information about said address with which acquisition 
was controlled by processing of said address information acquisition control step, The 
connection-request receptionist step which receives the connection request to said other 2nd 
information processor supplied by said other 1st information processor, The identification 
information acquisition control step which controls acquisition of the identification 
information supplied from said other 1st information processor which iB the demand origin of 
said connection request received by processing of said connection-request receptionist step, 
The identification information authentication processing step which attests said 
identification information by which acquisition was controlled by processing of said 
identification information acquisition control step, Said other 1st information processor with 
which said identification information was attested by processing of said identification 
information authentication processing step, The information processing approach 
characterized by including the address information supply control step which controls supply 
of the information about said address with which the output from said storage section is 
controlled by processing of said address information storage control step corresponding to 
said identification information. 

[Claim 15] It is the program for information processors which is connected to a network and 
manages connection with other 2nd information processor by other 1st information processor. 
The address information acquisition control step which controls acquisition of the 
information about the address supplied from said other 2nd information processor, The 
address information storage control step which controls the output from the storage section of 
the information about said address with which acquisition was controlled by processing of 



said address information acquisition control step, The connection-request receptionist step 
which receives the connection request to said other 2nd information processor supplied by 
said other 1st information processor, The identification information acquisition control step 
which controls acquisition of the identification information supplied from said other 1st 
information processor which is the demand origin of said connection request received by 
processing of said connection* request receptionist step, The identification information 
authentication processing step which attests said identification information by which 
acquisition was controlled by processing of said identification information acquisition control 
step, Said other 1st information processor with which said identification information was 
attested by processing of said identification information authentication processing step, 
Correspond to said identification information. The record medium with which the program 
which the computer characterized by including the address information supply control step 
which controls supply of the information about said address with which the output from said 
storage section is controlled by processing of said address information storage control step 
can read is recorded. 

[Claim 16] It is the program which can perform the computer which controls the information 
processor which is connected to a network and manages connection with other 2nd 
information processor by other 1st information processor. The address information 
acquisition control step which controls acquisition of the information about the address 
supplied from said other 2nd information processor, The address information storage control 
step which controls the output from the storage section of the information about Baid address 
with which acquisition was controlled by processing of said address information acquisition 
control step, The connection-request receptionist step which receives the connection request 
to said other 2nd information processor supplied by said other 1st information processor, The 
identification information acquisition control step which controls acquisition of the 
identification information supplied from said other 1st information processor which is the 
demand origin of said connection request received by processing of said connection- request 
receptionist step, The identification information authentication processing step which attests 
said identification information by which acquisition was controlled by processing of said 
identification information acquisition control step, Said other 1st information processor with 
which said identification information was attested by processing of said identification 
information authentication processing Btep, The program characterized by including the 
address information supply control step which controls supply of the information about said 
address with which the output from said storage section is controlled by processing of said 
address information storage control step corresponding to said identification information. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] Especially this invention relates to a program at the network system 
which enabled it to communicate safely more, an information processor and an approach, a 
record medium, and a list by managing the connection place address for inputting the 
identification information used for a network system, an information processor and an 
approach, a record medium, and a list about a program at user authentication. 
[0002] 

[Description of the Prior Art] Recently, LAN (Local Area Network) represented by the home 
network also in local- areas, such as domestic, with the formation of always'on connection and 
broadband-izing of the Internet is spreading. In a home network, the electrical home 
appliance equipped with communication facility etc. is connected, and information can be 
shared mutually. 

[0003] As an electrical home appliance equipped with communication facility, various things 
other than a personal computer, such as image image transcription regenerative apparatus, 
such as a video tape recorder, a television receiver, audio equipment, a lighting device, 
air-conditioning equipment, or a game machine, exist, for example. Thereby, a user can 
reserve video or can control burning and putting out lights of lighting by the personal 
computer. 

[0004] Moreover, it becomes possible to communicate also with an external terminal unit like 
controlling actuation of the electrical home appliance it not only shares information between 
the devices connected to LAN, but connected to the home network through the Internet by 
LAN being connected to the network of the exteriors, such as the Internet, from the portable 
telephone etc. Thereby, even if a user is for example, out, by operating a portable telephone, 
he can read the mail which the personal computer of a house received, or can perform image 
transcription reservation of television broadcasting. 

[0005] At this time, the respectively global IP address is assigned to the electrical home 
appliance connected to the home network using IPv6 (Internet Protocol version 6). A portable 
telephone can communicate with each device through an external network and an external 
home network using those IP addresses. 

[0006] However, if the IP address assigned to the electrical home appliance in this case is 
known, anyone will be able to access that electrical home appliance from the terminal unit 
connected to the external network. 

[0007] On the other hand, there is a method of performing user authentication to access from 
an external network, and permitting only access from a specific user by a server etc. In this 
case, that server performs user authentication by making the user who has accessed from the 



outside input identification information, such as ID (IDentification) and a password, using 
the WEB page described in HTML (HyperText Markup Language) etc., and attesting that 
identification information based on User Information registered beforehand. That is, a user 
accesses URL (Uniform Resource Locator) of a WEB page which inputs identification 
information, and supplies identification information to a server. 
[0008] 

[Problem(a) to be Solved by the Invention] However, since URL of an access place was being 
fixed in this case, the technical problem were not desirable occurred on security. For example, 
since they can try the input of identification information repeatedly if other users who are not 
permitted know URL of an access place, there is a possibility of permitting an unjust log in. 
Moreover, when other users who are not permitted receive accessible identification 
information, other users will be able to perform an unjust log in easily, unless the 
information registered into the server is updated. 

[0009] Moreover, when it carried out that a user has accessible identification information to 
two or more LANs etc. and two or more connection places existed, the technical problem that 
it may be difficult to manage all of URL, identification information, etc. of those connection 
places occurred. For example, since the user in whom two or more connection places exist has 
to memorize URL and identification information, or has to take a memorandum, has to 
manage only the number of the connection places and has to use it appropriately, he may 
require a very complicated activity. 

[0010] This invention is made in view of such a situation, and enables it to communicate 

safely more. 

[0011] 

[Means for Solving the Problem] The 1st information processor which the network system of 
this invention is connected to a network, and communicates with other information 
processors, It is the network system which is connected to a network and equipped with the 
2nd information processor by other information processors which manages connection with 
the 1st information processor. An address selection means to set up the address with which 
the 1st information processor receives access from other information processors, The 1st 
supply means which supplies the information about the address set up by the address 
selection means to the 2nd information processor, The 1st authentication processing means 
which attests the 1st identification information supplied from other information processors 
which accessed the address, Based on the authentication result by the 1st authentication 
processing means, it has the connection control means which controls connection with other 
information processors. The 2nd information processor The 1st acquisition means which 
acquires the information about the address supplied by the 1st supply means, A storage 
means to memorize the information about the address acquired by the 1st acquisition means, 
A connection-request receptionist means to receive the connection request to the 1st 



information processor supplied by other information processors, The 2nd acquisition means 
which acquires the 2nd identification information from other information processors which 
are the demand origin of the connection request received by the connection-request reception 
means, The 2nd authentication processing means which attests the 2nd identification 
information acquired by the 2nd acquisition means, It is characterized by equipping other 
information processors with which the 2nd identification information was attested by the 2nd 
authentication processing means with the 2nd supply means which supplies the information 
about the address memorized by the storage means corresponding to the 2nd identification 
information. 

[0012] An address selection meanB to set up the address with which the 1st information 
processor of this invention receives access from other 1st information processor, An address 
information supply means to supply the information about the address set up by the address 
selection means to other 2nd information processor, It is characterized by having the 
authentication processing means which attests identification information supplied from 
other 1st information processor which accessed the address, and the connection control 
means which controls connection with other 1st information processor based on the 
authentication result by the authentication processing means. 

[0013] An address selection means can be equipped with a basic address setting-out meanB to 
set up a basic address, and a connection key Betting-out means to perform setting out about a 
connection key, including a basic address including the IP address by which the address 
which receives said access was assigned to the information processor, and the connection key 
constituted by the character string of arbitration. 

[0014] Said connection key setting-out means can set up a connection key using the character 
string of the arbitration inputted by the user based on directions of a user. 
[0015] Said connection key setting-out means is equipped with a character string generation 
means to generate the character string of arbitration. Based on directions of a user, a 
connection key is updated for every time amount which a user directs using the character 
string generated by the character string generation means. An address selection means 
Using the connection key updated by the connection key setting-out means, the information 
about the address is updated and an address information supply means can supply the 
information about the address updated by the address selection means to other 2nd 
information processor. 

[0016] An authentication key acquisition means to acquire the authentication key supplied to 
said other 2nd information processor, An authentication key storage means to memorize the 
authentication key acquired by the authentication key acquisition means, In case it connects 
with other 2nd information processor, it has further an authentication key supply means to 
supply the authentication key memorized by the storage means to other 2nd information 
processor. An authentication key supply means It is beforehand acquired by the 



authentication key acquisition means, and the authentication key memorized by the storage 
means is supplied to other 2nd information processor. An address information supply means 
The information about the address can be supplied to other 2nd information processor 
connected based on the authentication key supplied by the authentication key supply means. 
[0017] It has further an identification information storage means to memorize the 
identification information of the user who permits connection, and an authentication 
processing means can attest identification information supplied from other 1st information 
processor using the identification information memorized by the identification information 
storage means. 

[0018] It can have further an initial entry supply means to supply an initial entry including 
the information about said address to other lBt information processor. 
[0019] The address selection step which sets up the address with which the 1st information 
processing approach of this invention receives access from other let information processor, 
The address information supply control step which controls supply to other 2nd information 
processor of the information about the address set up by processing of an address selection 
step, It is characterized by including the authentication processing step which attests 
identification information supplied from other 1st information processor which accessed the 
address, and the connection control step which controls connection with other 1st information 
processor based on the authentication result by processing of an authentication processing 
step. 

[0020] The address selection step which sets up the address with which the program of the 
1st record medium of this invention receives access from other 1st information processor, The 
address information supply control step which controls supply to other 2nd information 
processor of the information about the address set up by processing of an address selection 
step, It is characterized by including the authentication processing step which attests 
identification information supplied from other 1st information processor which accessed the 
address, and the connection control step which controls connection with other 1st information 
processor based on the authentication result by processing of an authentication processing 
step. 

[0021] The address selection step which Bets up the address with which the 1st program of 
this invention receives access from other 1st information processor, The address information 
supply control step which controls supply to other 2nd information processor of the 
information about the address set up by processing of an address selection step, A computer 
is made to perform the authentication processing step which attests identification 
information supplied from other 1st information processor which accessed the address, and 
the connection control step which controls connection with other 1st information processor 
based on the authentication result by processing of an authentication processing step. 
[0022] An address information acquisition means to acquire the information about the 



address to which the 2nd information processor of this invention was supplied from other 2nd 
information processor, An address information storage means to memorize the information 
about the address acquired by the address information acquisition means, A 
connection-request receptionist means to receive the connection request to other 2nd 
information processor supplied by other 1st information processor, An identification 
information acquisition means to acquire the identification information supplied from other 
1st information processor which is the demand origin of the connection request received by 
the connection* request receptionist means, The identification information authentication 
processing means which attests identification information acquired by the identification 
information acquisition means, It is characterized by equipping other 1st information 
processor with which identification information was attested by the identification 
information authentication processing means with an address information supply means to 
supply the information about the address memorized by the address information storage 
means corresponding to identification information. 

[0023] An authentication key generation means to generate an authentication key, and an 
authentication key supply means to supply the authentication key generated by the 
authentication key generation means to other 2nd information processor, An authentication 
key storage means to relate the authentication key generated by the authentication key 
generation means with the information about other 2nd information processor which 
supplied the authentication key with the authentication key supply means, and to memorize 
it, An authentication key acquisition means to acquire an authentication key from other 2nd 
information processor, and an authentication key authentication means to attest the 
authentication key acquired by the authentication key acquisition means using the 
authentication key memorized by the authentication key storage means, Based on the 
authentication result by the authentication key authentication means, it has further the 
connection control means which controls connection with other 2nd information processor. An 
address information acquisition means The information about the address can be acquired 
from other 2nd information processor connected by control by the connection control means. 
[0024] The address information acquisition control step which controls acquisition of the 
information about the address to which the 2nd information processing approach of this 
invention was supplied from other 2nd information prooessor, The address information 
storage control step which controls the output from the storage section of the information 
about the address with which acquisition was controlled by processing of an addresB 
information acquisition control step, The connection-request receptionist step which receives 
the connection request to other 2nd information processor supplied by other let information 
processor, The identification information acquisition control step which controls acquisition 
of the identification information supplied from other 1st information processor which is the 
demand origin of the connection request received by processing of a connection-request 



receptionist step, The identification information authentication processing step which attests 
identification information by which acquisition was controlled by processing of an 
identification information acquisition control step, Other 1st information processor with 
which identification information was attested by processing of an identification information 
authentication processing step, It is characterized by including the address information 
supply control step which controls the supply of the information about the address with 
which the output from the storage section is controlled by processing of an address 
information storage control step corresponding to identification information. 
[0025] The address information acquisition control step which controls acquisition of the 
information about the address to which the program of the 2nd record medium of this 
invention was supplied from other 2nd information processor, The address information 
storage control step which controls the output from the storage section of the information 
about the address with which acquisition waB controlled by processing of an address 
information acquisition control step, The connection-request receptionist step which receives 
the connection request to other 2nd information processor supplied by other 1st information 
prooessor, The identification information acquisition control step which controls acquisition 
of the identification information supplied from other 1st information processor which is the 
demand origin of the connection request received by processing of a connection-request 
receptionist step, The identification information authentication processing step which attests 
identification information by which acquisition was controlled by processing of an 
identification information acquisition control step, Other 1st information processor with 
which identification information was attested by processing of an identification information 
authentication processing step, It is characterized by including the address information 
supply control step which controls the supply of the information about the address with 
which the output from the storage section is controlled by processing of an address 
information storage control step corresponding to identification information. 
[0026] The address information acquisition control step which controls acquisition of the 
information about the address to which the 2nd program of this invention was supplied from 
other 2nd information prooessor, The address information storage control step which controls 
the output from the storage section of the information about the address with which 
acquisition was controlled by processing of an address information acquisition control step, 
The connection-request receptionist step which receives the connection request to other 2nd 
information processor supplied by other 1st information processor, The identification 
information acquisition control step which controls acquisition of the identification 
information supplied from other 1st information processor which is the demand origin of the 
connection request received by processing of a connection-request receptionist step, The 
identification information authentication processing step which attests identification 
information by which acquisition was controlled by processing of an identification 



information acquisition control step, Other 1st information processor with which 
identification information was attested by processing of an identification information 
authentication processing step, A computer iB made to perform the address information 
supply control step which controls the supply of the information about the address with 
which the output from the storage section is controlled by processing of an address 
information storage control step corresponding to identification information. 
[0027] The 1st information processor which is connected to a network in the network system 
of this invention, and communicates with other information processors, Connect with a 
network, have the 2nd information processor by other information processors which manages 
connection with the 1st information processor, and it sets to the 1st information processor. 
The address which receives access from other information processors is set up. The 
information about the set-up address is supplied to the 2nd information processor. 
Authentication of the 1st identification information supplied from other information 
processors which accessed the address A line crack, Based on the authentication result, 
connection with other information processors is controlled and it sets to the 2nd information 
processor. The information about the acquired address is memorized and the 2nd 
identification information is acquired from other information processors which are the 
demand origin of the connection request to the 1st information processor from other received 
information processors. Authentication of the 2nd identification information is performed and 
the information about the address corresponding to the 2nd identification information is 
supplied to other attested information processors. 

[0028] It sets to the 1st program at the 1st information processor of this invention and an 
approach, and a list. The address which receives access from other 1st information processor 
is set up. The information about the set-up address is supplied to other 2nd information 
processor, authentication of the identification information supplied from other 1st 
information processor which accessed the addreBS is performed, and connection with other 
1st information processor is controlled based on the authentication result. 
[0029] It sets to the 2nd program at the 2nd information processor of this invention and an 
approach, and a list. The information about the address supplied from other 2nd acquired 
information processor is memorized. The connection request to other 2nd information 
processor supplied by other 1st information processor is received. The identification 
information supplied from other 1st information processor which is the demand origin of the 
connection request is acquired, authentication of the acquired identification information is 
performed, and the information about the address corresponding to identification information 
is supplied to other 1st information processor with which identification information was 
attested. 
[0030] 

[Embodiment of the Invention] Drawing 1 is drawing showing the example of a configuration 



of the network system which applied this invention. 

[0031] The local server 11 installed in the local- area 10 represented in a building etc. is 
connected to LAN12 which is the network in a local-area 10 represented by the home network 
etc. Moreover, the terminal unit 13 installed in the local- area 10 is also connected to LAN 12. 
[0032] LAN 12 is always connected to the network 21 of the exterior of a local-area 10 
represented by a telephone network, the Internet, etc. through the router which is not 
illustrated. 

[0033] The local server 11 controls the other devices currently installed in the terminal unit 
13 grade and the local-area 10 through LAN12. Moreover, the local server 11 has the 
information about the user who permits connection with LAN 12 from the outside of a 
local-area 10, acquires the connection request to LAN12 supplied from the network 21, and 
performs user authentication. 

[0034] The external terminal units 22, such as a personal computer, are connected, in a 
network 21, the external terminal unit 22 can communicate with the local server 11 through 
a network 21, and the local server 11 can be controlled or it can control to it the terminal unit 
13 connected to LAN12 through the local server 11. 

[0036] Moreover, by radiocommunicating with the base station 24 connected to the network 
21, it connects with the network 21, and a portable telephone 23 can communicate with the 
local server 11 through a network 21 like the external terminal unit 22 in this condition, and 
the local server 11 can be controlled or it can control the terminal unit 13 connected to LAN12 
through the local server 11. 

[0036] In order that the external terminal unit 22 and a portable telephone 23 may access the 
local server 11 at this time, it communicates with the connection management server 31 
currently installed in the authentication service provider 30 through a network 21. 
[0037] The authentication service provider 30 offers user authentication service, and 
performs authentication processing of a user accessed from the exterior of a local-area 10 to 
the local server 11. 

[0038] It connects with the network 21 and the connection management server 31 currently 
installed in the authentication service provider 30 processes the connection request to LAN12 
from the outside of a local-area 10. For example, the connection management Berver 31 
manages access to the local server 11 from the external terminal unit 22 or a portable 
telephone 23. 

[0039] Moreover, the address administration server 32 currently installed in the 
authentication service provider 30 manages the information about the local server 11 
Bupplied from the local server 11 through the network 21. Moreover, it connects also with the 
connection management Berver 31, and the address administration server 32 can supply the 
information about the local server 11 to the connection management server 31. 
[0040] It connects with the address administration server 32, and the authentication server 



33 currently installed in the authentication service provider 30 performs user authentication 
processing to access to the authentication service provider 30. For example, when the local 
server 11 accesses the address administration server 32 through a network 21, an 
authentication server 33 performs authentication processing of the user of the local server 11. 
Moreover, for example, when the external terminal unit 22 accesses the connection 
management server 31 through a network 21, an authentication server 33 communicates 
with the connection management server 31 through the address administration server 32, 
and performs authentication processing of the user of the external terminal unit 22. 
[0041] Since it connects mutually into the authentication service provider 30, required 
information can be shared, or the connection management server 31, the address 
administration server 32, and an authentication server 33 can distribute and perform 
processing. 

10042] Drawing 2 is the block diagram showing the example of a configuration of the local 
server 11 shown in drawing 1 . 

[0043] In drawing 2 , CPU (Central Processing Unit)51 performs various kinds of processings 
according to the program memorized by ROM (Read Only Memory)52 or the program loaded 
to RAM (Random Access Memory)53 from the storage section 63. To RAM53, CPU51 
performs various kinds of processings upwards again, and required data etc. are memorized 
suitably. CPU51, ROM62, and RAM53 are mutually connected through the bus 54. The 
input/output interface 60 is also connected to this bus 54 again. 

[0044] The communications department 64 constituted by the storage section 63 constituted 
with the display which consists of the input section 61 which consists of a keyboard, a mouse, 
etc., CRT (Cathode Ray Tube), LCD (Liquid Crystal Display), etc., the output section 62 
which becomes a list from a loudspeaker etc., a hard disk, etc., the modem, the terminal 
adopter, or the LAN adapter is connected to the input/output interface 60. 
[0045] Data including the information about a user etc., the program for performing various 
kinds of processings, etc. are memorized by the storage section 63, it is controlled by CPU51, 
and data and a program are supplied to RAM53. 

[0046] The communications department 64 performs the communications processing through 
LAN12. For example, through a terminal unit 13 and LAN12, it communicates or the 
communications department 64 communicates through the external external terminal unit 
22 and external network 21 of a local-area 10. 

[0047] Drive 70 is connected to an input/output interface 60 again if needed, it is suitably 
equipped with a magnetic disk 71, an optical disk 72, a magneto-optic disk 73, or 
semiconductor memory 74, and the computer program by which reading appearance was 
carried out from them is installed in the storage section 63 if needed. 

[0048] Drawing 3 is the block diagram showing the example of a configuration of the external 
terminal unit 22 shown in drawing 1 . 



[0049] In drawing 3 , CPU101 performs various kinds of processings according to the program 
memorized by ROM102 or the program loaded to RAM103 from the storage section 113. To 
RAM103, CPU101 performs various kinds of processings upwards again, and required data 
etc. are memorized suitably. CPU101, ROM102, and RAM103 are mutually connected 
through the bus 104. The input/output interface 110 is also connected to this bus 104 again. 
[0050] The communications department 114 constituted by the storage section 113 
constituted with the output section 112 which consists of the input section 111 and the 
display which consist of a keyboard, a mouse, etc., a loudspeaker, etc., a hard disk, etc., a 
modem, the terminal adopter, etc. is connected to the input/output interface 110. 
[0051] Data required to log in to the local server 11 of a local- area 10, the program for 
performing various kinds of processings, etc. are memorized by the storage section 113, it is 
controlled by GPU111, and data and a program are supplied to RAM113. 
[0052] The communications department 114 performs the communications processing 
through a network 21. For example, the communications department 114 communicates with 
the connection management server 31 or the local server 11 through a network 21. 
[0053] Drive 120 is connected to an input/output interface 110 again if needed, it is suitably 
equipped with a magnetic disk 121, an optical disk 122, a magneto-optic disk 123, or 
semiconductor memory 124, and the computer program by which reading appearance was 
carried out from them is installed in the storage section 113 if needed. 

[0054] Drawing 4 is the block diagram showing the example of a configuration of the 
connection management server 31 shown in drawing 1 . 

[0055] In drawing 4 , CPU151 performs various kinds of processings about management of 
connection to LAN12 from the outside of a local-area 10 according to the program memorized 
by ROM152 or the program loaded to RAM153 from the storage section 163. To RAM153, 
CPU 151 performs various kinds of processings upwards again, and required data etc. are 
memorized suitably. CPU151, ROM152, and RAM153 are mutually connected through the 
bus 154. The input/output interface 160 is also connected to this bus 154 again. 
[0056] The communications department 164 constituted by the storage section 163 
constituted with the output section 162 which consists of the input section 161 and the 
display which consist of a keyboard, a mouse, etc., a loudspeaker, etc., a hard disk, etc., a 
modem, the terminal adopter, etc. is connected to the input/output interface 160. 
[0057] A program, data, etc. for performing various kinds of processings are memorized by 
the storage section 163, it is controlled by CPU151, and data and a program are supplied to 
RAM153. 

[0058] The communications department 154 performs the external terminal unit 22 and 
communications processing through a network. Moreover, it connects with the address 
administration server 32, and the communications department 154 performs the address 
administration server 32 and communications processing. 



[0059] Drive 170 is connected to an input/output interface 160 again if needed, it is suitably 
equipped with a magnetic disk 171, an optical disk 172, a magneto-optic disk 173, or 
semiconductor memory 174, and the computer program by which reading appearance was 
carried out from them is installed in the storage section 163 if needed. 

[0060] Drawing 5 is drawing showing the example of a configuration of the address 
administration server 32 shown in drawing 1 . 

[0061] In drawing 5 </A>. CPU201 performs various kinds of processings about the address 
ft^inigtratipQ pf the SSrvsr, II flQCprfling tp %h$ program piemorizqd fry fiQM2Q2 pr {h? 

program toadefl tp RAMSQ3 frpm the Ptprare resto 313. Tp RAM3Q3. CPU2Q1 perform 

YflTiflMft frndfl of procfiqfiingq upwards agaii>, and required data efr f an? m.smorizsd guitably, 
CPU201. ROM202. and RAM203 are mutually connected through the bus 204. The 
inpMt/putput interface 2*0 jg al$Q gpnng^d tp tbis bug 2Q4 again, 

[0062] The communications department 214 constituted bv the storage section 213 
constituted with the output section 212 which consists of the input section 211 and the 
display which consist of a keyboard, a mouse, etc.. a loudspeaker, etc.. a hard disk, etc.. a 
paodqm, the tgryningl aflppfcr, 9tP, W ppnn^d tP the jjnpu,t/pMtpu.t interface 21Q, 

[QP631 Ths fflmmwicatioyiq department 314 performs ppmmunjqa^pnQ prp^^g with the 
loqjal ^regr. U tbrpugh ft network 2]L t Mprepyer. it ppnnecta mth.thejscinnection management 
server 31 and the authentication server 3 3. and the communications department 214 
performs communications processing with them. 

[0064] Drive 220 is connected to an input/output interface 210 again if needed, it is suitably 
equipped with a magnetic disk 2 21. an optical disk 222. a magneto-optic disk 223. or 
semiconductor memory 224. and the computer program bv which reading appearance was 
carried out from them is installed in the storage section 213 if needed, 

[0065] Next, actuation is explained. In the network system shown in drawing 1 , the user (not 
shown) of the local server 11 who manages LAN12 is the member of the authentication 
service provider 30, and presupposes that User Information is registered into the 
authentication server 33. In addition, a user may be made to be registered automatically at 
the time of local server 11 purchase or a setup. The user of the local server 11 registered into 
the authentication server 33 has the identification information for authentication service 
providers which consists of ID and the password which log in to the connection management 
server 31 and the address administration server 32. 

[0066] It is the member of the authentication service provider 30 as mentioned above, and 
when the local server 11 is newly installed by the user who has the identification information 
for authentication service providers or it is initialized, the local server 11 supplies the 
information about the local server 11 to the address administration server 32, and makes the 
local server 11 register into it through a network 21. 

[0067] The local server information registration processing by the local server 11 shown in 



drawing 1 is explained with reference to the flow chart of drawing 6 . 

[0068] First, in step SI, CPU51 of the local server 11 performs initialization processing, and 
generates the local server information which is the information about the local server 11. 
[0069] Model information, the information about a corresponding user, address information, 
the information about a connection key required for accesB, etc. are included in local server 
information. 

[0070] Model information the information about a user including the information about the 
model name of the local server 11, a part number, or the engine performance etc. The 
identification information for authentication service providers used when it connected with 
the address administration server 32, The address with which address information was 
assigned to the local server 11 including the information about the already registered user 
corresponding to the identification information etc. Or the information about a connection 
key includes a connection key and the information about the setting out including the 
information on the initial address of a log in screen etc. 

[0071] Next, CPU51 controls the communications department 64 and accesses the address 
administration server 32 using the identification information for authentication service 
providers. And in step S3, the information about an authentication processing result is 
acquired from the address administration server 32, and it judges whether it was attested or 
not. When it judges with having been attested, CPU51 progresses to step S4. 
[0072] In step S4, CPU51 supplies local server information to the address administration 
server 32, and requires the key for servers. The address administration server 32 generates 
the key for servers, it is a key supplied to the local server 11, and in case the local server 11 
logs in to the address administration server 32, it is used. 

[0073] The local server 11 will pass the identification information for authentication service 
providers to a network 32 periodically in that case by connecting with the address 
administration server 32 periodically, and the local server 11 iB not desirable on security so 
that it may mention later. Therefore, it is made to make for the local server 11 to log in using 
the identification information for authentication service providers only into 1 time of the 
beginning. That is, in case the local server 11 re connects with the address administration 
server 32 henceforth, the key for servers is used. 

[0074] In addition, the key for servers is related with User Information registered into the 
authentication server 33, and since it is generated and registered, it is valid until the local 
server 1 1 is initialized again. 

[0075] It stands by until it judges with CPU51 which required the key for servers of the 
addresB administration server 32 having progressed to step S5, having judged whether the 
key for servers was acquired, and having acquired. In addition, when predetermined time 
amount passes or an error message is acquired, CPU51 ends local server information 
registration processing. 



[0076] When it judges with having acquired the key for servers, CPU51 saves the key for 
servers which progressed to step S6 and was acquired in the storage section 63, and ends 
local server information registration processing. 

[0077] Moreover, in step S3, when it judges with not being attested, CPU51 ends local server 
information registration processing. 

[0078] Corresponding to the local server information registration processing by the local 
server 11 explained above, the address administration server 32 performs local server 
information registration processing. 

[0079] The local server information registration processing by the address administration 
server 32 shown in drawing 1 is explained with reference to the flow chart of drawing 7 . 
[0080] It stands by until it judges with whether connection was required from the local server 
11, and first CPU201 of the address administration server 32 having been judged and 
required in step S21. 

[0081] Authentication processing is performed based on the identification information for 
authentication service providers which the local server 11 accessed the address 
administration server 32 in step S2 of drawing 6 , CPU201 progressed to step S22 when it 
judged with having required connection, and was acquired. CPU201 controls the 
communications department 214, supplies the identification information for authentication 
service providers acquired to the authentication server 33, performs user authentication 
processing, and acquires a processing result. 

[0082] And CPU201 judges whether the identification information for authentication service 
providers acquired from the local server 11 was attested in step S23. When it judges with 
having been attested, CPU201 progresses to step S24, permits the connection request of the 
local server 11, and performs connection processing. At this time, a processing result is 
supplied to the local server 11. CPU51 of the local server 11 judges whether it was attested or 
not in step S3 based on the supplied processing result. 

[0083] And in step S25 of drawing 7 , it stands by until it judges with CPU201 having judged 
and acquired whether local server information was acquired from the connected local server 
11. In addition, when predetermined time amount passes, a circuit is cut electrically or an 
error message is acquired, CPU201 ends local server information registration processing. 
[0084] In step S4 of drawing 6 , when it judgeB with having acquired the local server 
information supplied by the local server 11, CPU201 progresses to step S26, is related with 
the local server information which generated and acquired the key for servers, and is 
registered into the storage section 213. 

[0085] In addition, the key for servers iB related with local server information, and is 
memorized, and in the user authentication using the key for servers, authentication of the 
key for servers and authentication of the equipment which supplied the key for servers are 
performed so that it may mention later. Therefore, the key for servers assigned to the local 



server 11 cannot be used from other equipments. 

[0086] Generating the key for servers, in step S27, registered CPU201 supplies the key for 
servers which controlled and generated the communications department 214 to the local 
server 11, and ends local server information registration processing. 

[0087] Moreover, in step S23, when it judges with the authentication server 33 having failed 
in authentication of the identification information for authentication service providers, 
CPU201 progresses to step S28, performs error processing, and ends local server information 
registration processing. 

[0088] If the local server 11 is initialized as mentioned above, the local server information 
which consists of information about the local server 11 will be supplied and registered into 
the address administration server 32. 

[0089] Using the information about the connection key contained in the local server 
information registered as mentioned above etc., the address of a log in screen is set up so that 
it may mention later. The information about a connection key is inputted by the user in the 
local server 11. 

[0090] Drawing 8 is drawing in the local server 11 in which a user shows the example of the 
appearance of a setting-out screen which performs setting out about a connection key. 
[0091] In drawing 8 , the setting-out screen 251 is a screen for a user to input Betting out 
about a connection key, and is GUI (Graphical User Interface) which is controlled by CPU51 
grade and displayed on the display of the output section 62 etc. Based on this setting-out 
screen 251, a user operates a keyboard, a mouse, etc. of the input section 61, and inputs 
setting-out information etc. 

[0092] In the setting-out screen 251, various setting out can be performed now by preparing 
various kinds of tabs, and a user's operating a mouse, and choosing a tab. In drawing 8 , the 
connection key tab 252 is chosen and setting out about a connection key can be performed 
now. 

[0093] The connection key setting-out column 253 is displayed, and when using [ whether a 
user sets up a connection key and ] a connection key, it can set selectively whether the 
content is changed automatically to the center section of the setting-out screen 251. Moreover, 
when changing automatically, the time interval can also be set up. 

[0094] Moreover, the connection key input column 254 is formed in the connection key 
setting-out column bottom, and in the connection key setting-out column 253, when being set 
up so that an automatic change of a connection key may not be made, a user can input a 
favorite connection key into the connection key input column 254. In drawing 8 , the 
character string "04C3DAFA07234e3c94ECAC7800681515 M is inputted into the connection 
key input column 254. 

[0095] Drawing 9 is drawing in the local server 11 in which a user shows other examples of 
the appearance of a setting-out screen which performs setting out about a connection key. 



[0096] In drawing 9 , the condition tab 261 of the setting-out screen 251 is chosen, and a user 
can control service about a connection key now. 

[0097] In the bottom of the condition tab 261 of the setting-out screen 251, the service control 
setting-out column 262 which controls service about a connection key is formed. A user 
operates the input section 61, and service can be started, it can stop or he can reboot it. 
[0098] The log in screen URL display column 263 which displays the address information of a 
log in screen is formed in the service control setting-out column 262 bottom. URL of a log in 
screen has composition which added the connection key to basic URL. That is, in the case of 
drawing 9 , URL of a log in screen has composition to which the connection key 
"04C3DAFA07234e3c94ECAC7800681515 n was added, and is displayed on basic URL 
H http7/00.11.222.3/aaaA)bb/ccc?" as "00.11.222.3/[ http:// 1 

aaa^bb/ccc?LoginKey=04C3DAFA07234e3c94ECAC7800681515." In addition, in the case of 
drawing 9 , the usual URL and URL of a SSL (Secure Socket Layer) response are displayed 
on the log in screen URL display column 263. 

[0099] SSL is a protocol which enciphers, transmits and receives information in networks, 
such as the Internet, and is a protocol for enciphering data used widely now, such as WWW 
(World Wide Web) and FTP (File Transfer Protocol), and transmitting and receiving the 
information in connection with privacy, a credit card number, a trade secret, etc. safely. SSL 
combines security techniques, such as public key encryption, a secret key cryptosystem, a 
digital certificate, and a Hash Function, and it aims at preventing tapping of data, an 
alteration, and spoofing. Based on the design policy of the network structure for realizing 
data communication between different models enacted by International Organization for 
Standardization, it can use transparent in the transport layer (the 4th layer) especially from 
the application software using the protocol of high orders, such as HTTP (HyperText 
Transfer Protocol) and FTP, with the OSI (Open Systems Interconnection) reference model 
which is a model which divided into the layered structure the communication facility which 
ehould have a computer, without being conscious. 

[0100] As mentioned above, by setting up so that an automatic change for example, of the 
connection key may be periodically made by constituting URL of a log in screen, since URL of 
a log in screen is changed periodically and open Lycium chinense cannot do a log in screen 
unless it acquires the identification information for authentication service providers even if 
the 3rd person receives ID and a password, unjust access can be controlled. 
[0101] Out of the tab with which the setting-out screen 251 which the user of the local server 
11 operates a keyboard, a mouse, etc. of the input section 61, and is displayed on the display 
of the output section 62 etc. is equipped, as shown in drawing 8 The connection key tab 252 is 
chosen, and in the connection key setting-out column 253, when changing automatically 
whether a connection key is automatically changed when using whether a connection key is 
used, the time interval which makes the change is set up. Moreover, when are not changed 



automatically and it seta up, a user inputs a connection key into the connection key input 
column 254. In addition, the number of alphabetic characters may be restricted, for example, 
a connection key may be made to be constituted by a character string or a digit string to 32 
128*bit characters etc. 

[0102] Next, the user whom the input of the setting-out screen 251 shown in drawing 8 
completed operates a keyboard, a mouse, etc. of the input section 61, chooses the condition 
tab 261, and makes service of the set-up connection key start in the service control 
setting-out column 262. In addition, the address information of the set-up connection key and 
a log in screen is displayed on the log in screen URL display column. 

[0103] As mentioned above, in the local server 11, a connection key is set up by the user and 
validated. The validated connection key is included in local server information, and is 
supplied to the address administration server 32. 

[0104] Setting out about the above connection keys can be updated by performing same 
actuation at any time. And when setting out about a connection key is updated, the local 
server information registered into the address administration server 32 is also updated. This 
update process is periodically performed by directions of a user or automatic. 
[0105] The local server information update process by the local server 11 shown in drawing 1 
is explained with reference to the flow chart of drawing 10 . 

[0106] First, in step S41, CPU51 of the local server 11 adds the updated connection key to 
address information, and updates the local server information memorized by the storage 
section 63. 

[0107] And in step S42, CPU51 addB the key for servers memorized in the storage section 63 
to the updated local server information, controls the communications department 64, and 
supplies it to the address administration server 32 through a network 21. It stands by until it 
judges with CPU51 which supplied local server information having progressed to step S43, 
having judged whether processing result information was acquired from the address 
administration server 32, and having acquired. In addition, when predetermined time 
amount passes, CPU51 ends a local server information update process. 

[0108] When it judges with having acquired processing result information, based on the 
processing result information which progressed to step S44 and was acquired, CPU51 
displays a processing result on the display of the output section 62 etc., and ends a local 
server information update process. 

[0109] Corresponding to the local Berver information update process by the local server 11 
explained above, the address administration server 32 also performs a local server 
information update process. 

[0110] The local server information update process by the address administration server 32 

shown in drawing 1 is explained with reference to the flow chart of flawing 11, . 

[0111] It stands by until it judges with CPU201 of the address administration server 32 



having judged and acquired whether the local server information and the key for servers 
which the local server 11 supplied in step S42 of drawing 10 were acquired through the 
network 21 in step S61. 

[0112] When it judges with having acquired local server information and the key for servers 
from the local server 11, CPU201 progresses to step S62, and performs authentication 
processing for the newly acquired key for servers in the storage section 213 as compared with 
the registered key for servers. In addition, it may be made to perform authentication of not 
only authentication of the key for servers but the user authentication from the content of 
local server information and the local server 11 etc. at this time. Thus, security can be further 
raised by performing two or more authentications. 

[0113] CPU201 which authentication processing ended judges whether the user was attested 
or not in step S63. And when it judges with having been attested, CPU201 updates the local 
server information registered into the storage section 213 in step S64 based on the acquired 
address information. 

[0114] And in step S65, CPU201 creates processing result information, supplies it to the local 

server 11 through a network 21, and ends a local server information update process. 

[0115] Moreover, in step S63, when authentication goes wrong and it judges with not being 

attested, CPU201 progresses to step S65, generates processing result information, supplies it 

to the local server 11, and ends a local server information update process. 

[0116] Since a local server information update process is performed as mentioned above, 

when it sets up so that a connection key may be changed automatically, it can prevent 

flowing the identification information for authentication service providers into a network 21 

periodically. 

[0117] Next, how to connect with the local server 11 through a network 21 from the exterior of 
a local-area 10 is explained using the connection key set up as mentioned above. 
[0118] The case where it logs in to the local server 11 through a network 21 from the external 
terminal unit 22 is explained with reference to the timing chart of drawing 12 . Moreover, 
with reference to drawing 13 thru/or drawing 16 , it explains if needed. In' addition, the user 
of the external terminal unit 22 is registered into the local server 11, and has the 
identification information which consists of ID, a password, etc. 

[0119] First, in step S81, CPU101 of the external terminal unit 22 controls the 
communications department 114, accesses the connection management server 31 of the 
authentication service provider 30 through a network 21, and supplies the identification 
information for authentication service providers. 

[0120] Drawing 13 is drawing showing the example of the log in screen of the WEB browser 
displayed on the display of the output section 112, when the external terminal unit 22 
accesses the connection management server 31. 

[0121] In drawing 13 , the log in carbon button 284 with which the ID input column 282 



which inputs ID, the **** WORD input column 283 which enters a password, and a user 
direct a log in by operating it with the mouse of the input section 111 etc. is displayed on the 
log in screen 281. 

[0122] If a user accesses the predetermined address of the connection management server 31, 
the connection management server 31 will supply GUI information as shown in drawing 13 to 
the external terminal unit 22 through a network 21. The external terminal unit 22 will 
display the log in screen 281 as shown in the WEB browser currently displayed on the display 
at drawing 13 , if the GUI information is acquired. 

[01231 The user of the external terminal unit 22 enters into the ID input column 282 and the 
password input column 283 ID and the password which are contained in the identification 
information for authentication service providers, respectively, and operates a log in carbon 
button with a mouse etc. CPU101 of the external terminal unit 22 will supply ID and the 
password which were entered to the connection management server 31 through a network 21, 
if the log in carbon button 284 is operated by the user. 

[0124] CPU151 of the connection management server 31 acquires the supplied identification 
information for authentication service providers in step S101. And in step S102, CPU151 
supplies the identification information for authentication service providers acquired to the 
authentication server 33, and requires the authentication. 

[0126] In step S121, CPU of the authentication server 33 which is not illustrated will perform 
authentication processing to the identification information in step S122, if the supplied 
identification information for authentication service providers is acquired. And CPU of an 
authentication server 33 supplies the authentication result to the connection management 
server 31 in step S123. 

[0126] In Btep S103, CPU151 of the connection management server 31 controls the 
communications department 164, and if it acquires the authentication result supplied from 
the authentication server 33 and it judges that it was attested, it will supply the 
identification information [ finishing / authentication ] for authentication service providers to 
the address administration server 32 in step S104. 

[0127] In step Sill, if CPU201 of the address administration server 32 controls the 
communications department 214 and the supplied identification information for attested 
authentication service providers is acquired, it will retrieve the local server information 
corresponding to the acquired identification information for authentication service providers 
registered into the storage section 213 in step S112. 

[0128] And in step S113, CPU201 controls the communications department 214 and supplies 
the retrieved local server information to the connection management server 31. In step S105, 
CPU151 of the connection management server 31 controls the communications department 
164, and acquires the supplied local server information. 

[0129] CPU151 of the connection management server 31 which acquired local server 



information generates the data for supply for supplying the external terminal unit 22 in step 
S106 based on the acquired local server information. The address information of the log in 
screen of the local server 11 corresponding to the identification information for 
authentication service providers which the external terminal unit 22 supplied is contained in 
the data for supply. When two or more address information of the log in screen corresponding 
to identification information exists at this time, two or more address information is contained 
in the data for supply. 

[0130] In step S107, CPU151 of the connection management server 31 which generated the 
data for supply controls the communications department 164, and supplies the data for 
supply to the external terminal unit 22 through a network 21. 

[0131] In step S82, if CPU101 of the external terminal unit 22 controls the communications 
department 114 and the data for supply are acquired, it will display the list of the local 
servers which are connection places as shown in drawing 14 on the WEB browser displayed 
on the display of the output section 112 based on the data for supply. 

[0132] Drawing 14 iB drawing showing the example of the local server list screen displayed on 
the WEB browser. 

[0133] In drawing 14 , the local server list display column 292 which displays a list of the 
personal computer (PC is called hereafter) which is the local server registered into the 
address administration server 32 corresponding to the user of the external terminal unit 22 is 
formed in the center of the local server list screen 291. The target PC is chosen from PCs with 
which the user of the external terminal unit 22 is displayed, and if the access carbon button 
293 currently displayed in the local server list display column 292 with the mouse etc. is 
operated, CPU101 will control the communications department 114 and will access directed 
PC. 

[0134] Moreover, if a user operates with a mouse etc. the updating carbon button 294 
prepared in the upper right of the local server list display column 292 of the local server liBt 
screen 291, CPU101 will update the information currently displayed on the local server list 
display column 292, and will display the list information on the newest PC. 
[0135] If the detailed information display carbon button 295 is furthermore formed in the 
local server list display column 292 bottom and a user operates this detailed information 
display carbon button 295 with a mouse etc., detailed information currently displayed on the 
local server list display column 292, such as address information of PC and model 
information, will be displayed, for example. Moreover, registration of PC currently displayed 
on the local server list display column 292 can also be canceled. If registration of PC is 
canceled based on GUI as which the user was displayed, the PC will be deleted from the local 
server list display column 292 of the local server list screen 291. 

[0136] Moreover, the SSL release button 296 and the log out carbon button 297 are formed in 
the upper right portion of the local server list screen 291. 



[0137] The external terminal unit 22 connects by using SSL for the local server 11 and 
usually enciphering information. If a user operates the SSL release button 296 with a mouse 
etc., the external terminal unit 22 can communicate with the local server 11, without 
performing encryption by SSL. Since it can communicate by this, without covering the load 
by the encryption using SSL, even if it is the case which is not high, it can communicate with 
the local server 11, for example. 

[0138] Moreover, if a user operates the log out carbon button 297 with a mouse etc., the 
external terminal unit 22 will log out of the connection management server 31 connected, and 
will interrupt the connection processing to the local server 11. 

[0139] If the user of return and the external terminal unit 22 chooses as drawing 12 PC 
connected from the above local server list screens 291 and directs connection to it, CPU 101 of 
the external terminal unit 22 will be accessed in step S83 at the local server 11 based on the 
data for supply. CPU101 refers to URL to which the connection key of the access place of 
directed PC was added out of the acquired data for supply, and is accessed at the URL. 
[0140] In step S91, CPU51 of the local server 11 accessed through the network 21 from the 
external terminal unit 22 supplies log in screen data to the external terminal unit 22 through 
a network 21 in step S92. 

[0141] In step S84, CPU101 of the external terminal unit 22 acquires the log in screen data 
supplied from the local server 11, controls the output section 112, and displays the log in 
screen acquired on the display etc. 

[0142] Drawing 15 is drawing showing the example of the log in screen displayed on the 
display. 

[0143] In drawing 15 , the WEB browser screen 301 is displayed on a display, and the log in 
screen 302 is displayed on a WEB browser screen. The O.K. carbon button 305 which directs 
initiation of the processing which supplies the entered user name and the password to the 
local server 11 because the user name input column 303 which inputs the user name 
contained in the identification information for local servers which the user of the external 
terminal unit 22 has in the center of the log in screen 302, the password input column 304 
which enters similarly the password contained in the identification information for local 
servers, and a user operate it with a mouse etc. is formed. 

[0144] A user can operate a keyboard or a mouse, can input the user name registered into the 
local server 11 at the user name input column 303 of the log in screen 302, can enter the 
password registered at the local server 11 at the password input column 304, and can supply 
the identification information for local servers to the local server 11 by operating the O.K. 
carbon button 305. 

[0145] If return and a user input the identification information for local servers and direct 
supply to drawing 12 based on the log in screen 302, in step S85, CPU101 of the external 
terminal unit 22 will control the communications department 114, and will supply the 



inputted identification information for local servers to the local server 11 through a network 
21. 

[0146] In step S93, CPU51 of the local server 11 controls the communications department 64, 
acquires the supplied identification information for local servers, and performs 
authentication processing based on the information about the user memorized by the storage 
section 63 about the identification information for local servers acquired in step S94. And 
after authentication processing is completed, CPU51 supplies an authentication processing 
result to the external terminal unit 22 in step S95. CPU101 of the external terminal unit 22 
acquires the supplied authentication processing result in step S86. 

[0147] In addition, when URL to which the connection key before the external terminal unit 
22 changing was added is accessed for example, after the connection key was changed (URL 
of a log in screen was changed), the local server 11 supplies an error-processing result to the 
external terminal unit 22, and refuses connection. Based on the acquired error-processing 
result, the external terminal unit 22 displays on a display the WEB browser 301 which shows 
the error screen 310 where the error message "reenter from a my page" was displayed, as 
shown in drawing 16 . 

[0148] By connection processing being performed as mentioned above, in order to access the 
log in screen of the local server 11 from the exterior, it must connect with the connection 
management server 31 of the authentication service provider 30, and URL of a log in screen 
muBt be acquired. That is, in order to communicate with the local server 11, the identification 
information for authentication service providers and the identification information for local 
servers are needed, and a more certainly unjust log in can be controlled. 
[0149] Moreover, the user of the local server 11 can make the level of security adjust freely by 
setting up a connection key in the setting-out screen 251 of drawing 8 . When a connection 
key is set as an invalid, for example, the external terminal unit 22 If URL of the log in screen 
of the local server 11 is acquired, can log in to the local server 11 only by the identification 
information for local servers, and When the connection key of immobilization is set up 
effectively, the external terminal unit 22 If URL to which it logged in to the local server 11 
once, and the connection key of the log in screen of the local server 11 was added is acquired 
When set as the connection key automatically changed with the time interval which could log 
in to the local server 11 only by the identification information for local servers, and was 
decided, the external terminal unit 22 Whenever a connection key is changed, URL of a log in 
screen must be required of the connection management server 31 of the authentication 
service provider 30. 

[0150] Moreover, since the address administration server 32 of the authentication service 
provider 30 manages URL of the log in screen of the local server 11 and the information about 
the local server corresponding to a demand is supplied by the list even if it places, when the 
log in is permitted to the user of the external terminal unit 22 by two or more local servers, 



the external terminal unit 22 does not need to memorize all URL of a log in screen, and is 
easy address administration. 

[0151] In addition, although the processing which the external terminal unit 22 connects 

above at the local server 11 was explained, it radiocommunicates with the base station 24 

connected to the network 21, and when the portable telephone 23 connected to the network 

21 connects with the local server 11, the processing is performed similarly. 

[0152] Next, the access-control processing performed by the connection management server 

at this time is explained with reference to the flow chart of drawing 17 . 

[0153] It stands by until it judges with first CPU151 of the connection management server 31 

being judging whether the communications department's 164 having been controlled and the 

identification information for authentication service providers having been acquired from the 

external terminal unit 22, and having judged and required whether connection with the local 

server 11 was required in Btep SI 31. 

[0154] The identification information for authentication service providers is acquired, and 
when it judges with connection with the local server 11 having been required, CPU151 
performs authentication processing about the identification information for authentication 
service providers which progressed to step S132 and was acquired. CPU151 supplies the 
acquired identification information for authentication service providers to an authentication 
server 33 as authentication processing, and requires authentication of identification 
information. And the authentication result supplied from an authentication server 33 is 
acquired. This processing corresponds to step S102 and step S103 of drawing 12 . 
[0155] CPU161 judges whether the identification information for authentication service 
providers was attested in step S133 based on the acquired authentication result. When it 
judges with having been attested, in step S134, CPU151 supplies the attested identification 
information to the address administration server 32, and requires corresponding local server 
information. This processing corresponds to step S104 of drawing 12 . 

[0156] And in step S135, it stands by until it judges with CPU151 having judged and acquired 
whether the local server information demanded from the address administration server 32 
was acquired. In addition, when predetermined time amount passes, or when an error 
message etc. is acquired, CPU 151 ends access-control processing. 

[0157] When it judges with having acquired the demanded local server information, CPU151 
generates the data for supply based on the local server information progressed and acquired 
to step S136. This processing corresponds to step S106 of drawing 12 . 

[0158] CPU151 which generated the data for supply supplies the data for supply which 
progressed to step SI 37 and were generated to the external terminal unit 22 through a 
network 21, and ends access-control processing. This processing corresponds to step S107 of 
drawing \2 . 

[0159] Moreover, in step SI 33, when it judges with the identification information for 



authentication service providers not being attested based on the acquired authentication 
result, CPU151 ends access-control processing. 

[0160] Based on directions of a user, the external terminal unit 22 connected to the local 
server 11 as mentioned above can communicate with the local server 11 through a network 21, 
and can control the terminal unit 13 grade connected to the local server 11 or LAN 12 by 
requiring of the application program with which the local server 11 is equipped. 
[0161] Drawing 18 is drawing showing the situation of the application program which the 
external terminal unit 22 and the local server 11 have. With reference to drawing 18 , the 
situation of a communication link of the external terminal unit 22 and the local server 11 is 
explained. 

[0162] In drawing 18 , the local server 11 is equipped with the WEB server 321, and this 
WEB server 321 performs the communication link using HTTP etc., and exchanges various 
kinds of information, such as an HTML document, and an image, voice, with the external 
terminal unit 22 through LAN 12 and a network 21. 

[0163] Moreover, SSL322 which performs encryption which used SSL to the WEB server 321 
is in cooperation, and the WEB server 321 enciphers the transmit data transmitted to the 
external terminal unit 22 using this SSL322, or decodes the received data which were 
supplied from the external terminal unit 22 and which are enciphered. 

[0164] Moreover, the framework 323 for operating various kinds of application programs is 
formed in the local server 11, the demand information from the external terminal unit 22 
supplied through a WEB server is supplied to an application program, or the processing 
result of an application program is supplied to the external terminal unit 22 through the 
WEB server 321. 

[0165] In drawing 18 , schedule pipe ** program 331C which manages the information about 
mail client program 33 1A which performs client processing to the mail server which is not 
illustrated, and the address, for example, manages the information about the schedule which 
address manager 331B which cooperates with mail client program 331A, and operates, and a 
user inputted, application program 33 ID which is other application programs are carried in 
the framework 323. The number which what kind of application program may be carried also 
besides having mentioned above, and is carried can be operated in a framework 323, and it is 
good for it without limit. 

[0166] The WEB contents 324 grade is in cooperation, and a framework 323 is provided with 
help 332A, image 332B, etc. which the application program carried in the framework 323 or 
the framework 323 needs. In addition, the WEB contents 324 may be equipped with the 
contents except having mentioned above. 

[0167] The JAVA (trademark) related module 325 is in cooperation to the framework 323, 
and the JAVA (trademark) related module 325 provides it with the function about the JAVA 
(trademark) language which the application program carried in the framework 323 and the 



framework 323 needs. 

[0168] The external terminal unit 22 connected with the local server 11 through LAN12 and 
the network 21 has the WEB browser 341, performs the communication link using HTTP etc. 
using the WEB browser 341, and exchanges various kinds of information, such as an HTML 
document, and an image, voice, with the local server 11. In addition, although a graphic 
display is omitted, the WEB browser 341 has the SSL function and can perform 
crypto communication using the WEB server 321 and SSL. 

[0169] As mentioned above, the local server 11 and the external terminal unit 22 perform the 
communication link which used HTTP by the WEB server 321 and the WEB browser 341. 
[0170] Next, the communications processing by the local server 11 and the external terminal 
unit 22 is explained with reference to the timing chart of drawing 19 . Here, the case where 
the external terminal unit 22 controls application program 33 ID of the local server 11 is 
explained. 

[0171] First, the WEB browser 341 of the external terminal unit 22 supplies demand 
information directed to the user, such as a screen display and information setting out, to the 
WEB server 321 of the local server 11 through a network 21 and LAN12 in step S151. 
[0172] In step S161, the WEB server 321 will supply the acquired demand information to a 
framework 323 in step S162, if the demand information supplied from the WEB browser 341 
is acquired. 

[0173] In step S171, a framework 323 will perform first authentication processing of the user 
of the external terminal unit 22 which supplied demand information in step S172, if the 
demand information is acquired. Authentication processing is performed by the connection 
key used in case for example, demand information is supplied, a user's identification 
information contained in demand information. And if a user is attested, in step SI 73, a 
framework 323 will form acquired demand information into an XML (extensible Markup 
Language) document, and will supply the demand information formed into the XML 
document in step SI 74 to corresponding application program 33 ID. 

[0174] Drawing 20 is drawing showing the example of the demand information formed into 
the XML document by the framework 323. 

[0175] In drawing 20 , basic information, such as a version of XML and an encoding method, 
is constituted from a top by the 1st line. The initial entry which includes the information 
about the model of connected equipment, the information about the address, etc. in the 3rd 
line thru/or the 6th line is constituted. 

[0176] And the information about the user who has connected which includes the information 
about the folder to which the file for the users exists in a user's ID and a password, and a list 
etc. in the 7th line and the 9th line consists of tops. Moreover, the information inputted as a 
processing demand is constituted by the 8th line. Furthermore, the location where 
application inputs into the 10th line thru/or the 13th line the matter required of a framework 
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is indicated by XFath which is the .notation used for location specification of an XML 
document. 

[0177] The above demand information supplied to an application program is formed into the 
XML document, all required information is constituted, and there is especially no limit about 
DS, such as an item and a line count. Application does not need to prepare the communalized 
DS which all application programs can read that what is necessary is just to be able to deal 
with an XML document. That is, also in case an application program is newly added to a 
framework 323 for example, the DS which the application program to add reads does not 
need to be as common as the DS which the application program carried previously reads, and 
versatility is high. 

[0178] It folio wb, for example, data required for the newest application program can add the 
newest application program by modification of specification etc., without changing a 
framework, when it differs from the DS which the old application program used. 
[0179] The proper required of drawing 19 based on the demand information acquired in step 
S182 by application program 331D acquiring return and the demand information formed into 
the XML document as mentioned above in step S181 is processed, and the response 
indication corresponding to demand information is generated in step SI 83. 
[0180] Application program 33 ID acquires various information to be used, such as a folder 
which has the file for users which is making current connection, for example, and the content 
of a demand, from the demand information which is supplied from a framework 323 and 
which was formed into the XML document. Since the framework 323 is performing required 
information analysis about demand information, application program 33 ID can acquire 
required information according to the content described by XPath of the demand information 
formed into the XML document. 

[0181] And in step 184, application program 331D supplies the response indication which 
added the display information in step S185 to a framework 323, after adding the display 
information about a screen display to the generated response indication. 
[0182] Drawing 21 is drawing showing the example of the response indication supplied to a 
framework 323 from application program 331D. 

[0183] In drawing 21 , from a top, since the 1st line thru/or the 9th line are the contents and 
oscillations which are shown in drawing 20 , the explanation is omitted. As for the 10th line 
thru/or the 14th line, the demand to a framework 323 is set up, and it is constituted by 
information setting out of an application proper after the 16th line. 

[0184] The response indication outputted from application program 331D is supplied to the 
terminal unit which is demand information demand-origin through a framework. Therefore, 
the content and format which are displayed will change with magnitude of the display of the 
terminal unit, a demand, etc. However, a framework 323 creates the optimal informatioh for 
the terminal unit which is a requiring agency by editing the response indication supplied 
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from the application program by application program 33 ID adding all the information needed 
to an XML document, without the model of terminal unit which supplied demand information 
being conscious of especially something, unless it is required. 

[0185] The response indication supplied to drawing 19 at return and the above application 
program 331D is acquired by the framework 323 in step S175. And in step S176, based on the 
acquired response indication, a framework 323 generates the optimal response indication for 
an output for the supply origin of demand information, and supplies the generated response 
indication for an output in step S177. That is, a framework 323 changes XSL (extensible 
Stylesheet Language) to be used, and generates a HTML document so that a response 
indication may be analyzed and it may become the optimal output image configuration 
according to the class of WEB browser of the supply origin of demand information etc. In 
addition, while a framework 323 generates a HTML document, it analyzes a response 
indication and you may make it change CSS (Cascading Style Sheet) to be used according to 
the class of WEB browser of the Bupply origin of demand information etc., so that an output 
image may serve as optimal layout. 

[0186] In step S163, the WEB server 163 will supply the acquired response indication for an 
output to the external terminal unit 22 which is the supply origin of demand information in 
step S164, if the response indication for an output supplied to the framework 323 is acquired. 
The external terminal unit 22 acquires the supplied response indication for an output, and is 
made to display it on a display etc. in step S152. 

[0187] The local server 11 and the external terminal unit 22 perform communications 
processing as mentioned above. Although it explained that the external terminal unit 22 
controlled application program 331D of the local server 11 above, if the application program 
which not only this but the external terminal unit 22 controls is an application program 
carried in a framework 323, it is good anything. Moreover, also when a portable telephone 23 
performs the local server 11 and communications processing, the same processing as the case 
where it mentions above is performed. 

[0188] Next, the application program management processing by the framework 323 
performed in this communications processing is explained with reference to the flow chart of 
frftwjng.23 . 

[0189] It stands by until it judges with the framework 323 having judged and acquired 
whether demand information was acquired from the WEB server 321 in Btep S201. And when 
it judges with having acquired, authentication processing which mentioned the framework 
323 above to the demand information progressed and acquired to step S202 judges whether it 
is the need. 

[0190] When it judges with authentication processing being required, a framework 323 
performs authentication processing to step S203 to the demand information progressed and 
acquired. This processing is equivalent to processing of step SI 72 of (hrawjng . And a 



framework 323 progresses to step S204, and it judges whether the user of the supply origin of 
demand information was attested. 

[0191] When it judges with having been attested, a framework 323 progresses to step S205. 
Moreover, in step S202, when it judges with authentication processing not being required, a 
framework 323 progresses to step S205. 

[0192] In step S205, a framework 323 forms acquired demand information into an XML 
document, as mentioned above. This processing is equivalent to processing of step SI 73 of 
ikawingJS. 

[0193] In step S206, when it judges with whether the demand information corresponding to a 
framework 323 exists, and it judging and existing, the framework 323 which formed demand 
information into the XML document progresses to step S207, based on demand information, 
performs required processing and progresses to step S208. In step S206, when it judges with 
the demand information corresponding to a framework 323 not existing, a framework 323 
progresses to step S208 as it is. 

[0194] In step S208, when it judges with whether the demand information supplied to an 
application program exists, and it judging and existing, a framework 323 progresses to step 
S209, and supplies demand information to a corresponding application program. This 
processing is equivalent to processing of step S174 of drawing 19 . 

[0195] The framework 323 which supplied demand information progresses to step S210. 
Moreover, in step S208, when it judges with the demand information supplied to an 
application program not existing, a framework 323 progresses to step S210. In step S210, it 
stands by until it judges with a framework 323 judging whether the response indication was 
acquired from the application program which supplied demand information, and not 
acquiring or supplying demand information. 

[0196] When it judges with having acquired the response indication or not supplying demand 
information, a framework 323 progresses to step S211. Moreover, in step S204, when it 
judges with a user not having been attested, a framework 323 progresses to step S211. 
[0197] In step S211, a framework 323 generates the optimal response indication for an output 
based on the acquired response indication. This processing is equivalent to processing of step 
S176 of drawing 19 . The framework 323 which generated the optimal response indication for 
an output supplies the response indication for an output which progressed to step S212 and 
was generated to the WEB server 321, and ends application program management processing. 
[0198] Communications processing is performed as mentioned above, the external terminal 
unit 22 controls mail client program 331A of the local server 11, and the processing in the 
case of referring to the electronic mail which the local server 11 received from the exterior of 
a local-area 10 is explained with reference to the timing chart of drawing 23 . Suitably with 
reference to drawing 24 thru/or drawing 26 , it explains if needed. 

[0199] First, in step S251, mail client program 331A shown in ^rawing 18 accesses a mail 



server, and still requires the non-received mail which is an electronic mail which has not 
been received. Based on setting out registered beforehand, this processing is a predetermined 
time interval and is performed automatically repeatedly. 

[0200] In step S241, a mail server supplies the demanded non-received mail to mail client 
program 33 1A in step S242, when the demand from mail client program 331A is acquired and 
there is non-received mail. In step S252, mail client program 33 1A saves the acquired mail in 
step S253, if the supplied electronic mail is acquired. 

[0201] With directions of a user, in step S231, the external terminal unit 22 which exists in 
the exterior of a local-area 10 accesses the local server 11 through a network 21, and requires 
the mail corresponding to a user's account. 

[0202] Drawing 24 is drawing showing the example of the mail client top screen displayed on 
the display of the external terminal unit 22. If the external terminal unit 22 accesses the local 
server 11 through a network 21, as mentioned above, authentication processing is performed, 
and the framework 323 of the local server 11 will operate the mail client program 331, and 
will supply GUI information as shown in drawing 24 to the external terminal unit 22 as a 
response indication. CPU101 of the external terminal unit 22 displays the GUI information 
which controlled and acquired the output section 112 on the WEB browser screen 301 
currently displayed on the display. 

[0203] In drawing 24 , the mail client top screen 351 is displayed on the WEB browser screen 
301. The mail client top Bcreen 351 is GUI of a high order most in GUI which mail client 
program 331A supplies, and is constituted by the carbon button and link which perform 
various kinds of functions which mail client program 33 1A offers. That is, by operating the 
link which constitutes the mail client top screen 351, and a carbon button, the user of the 
external terminal unit 22 can display the mailbox which displays the list of electronic mails 
which received, for example, or can display the screen which creates an electronic mail newly. 
[0204] The carbon button group which performs various kinds of functions containing the 
advice / transfer setup-key 353 grade which operates the function to set up the address book 
carbon button 352 which operates the function of the address book used in case a new 
electronic mail is created because a user operates it with a mouse etc., the advice of an 
electronic mail which reoeived a message, and the address of the destination is formed in the 
upper part of the mail client top screen 351. 

[0205] The function selection column 354 as which the list of the functions which mail client 
program 33 LA offers is displayed on the left-hand side of the mail client top screen 351 as a 
link is constituted, and a user can perform various kinds of functions also by directing these 
links with a mouse etc. 

[0206] Moreover, the main menu column 355 which consists of a carbon button group which 
operates the main functions, and its explanation is formed in the center of the mail client top 
screen 351. A user can choose the function to make it operate also by operating the carbon 



button contained in the main menu column 355 with a mouse etc. 

[0207] The user of the external terminal unit 22 directs the demand to mail client program 
331A based on the above GUI screens. For example, if a user demands the display of a 
mailbox, the external terminal unit 22 will supply the demand to mail client program 33 1A in 
step S231. This demand is supplied to the local server 11, as mentioned above, processing is 
performed, and it is supplied to mail client program 33 1A. 

[0208] In step S254, as mentioned above, mail client program 331A which acquired the 
demand processes a proper, and supplies the information about a saved mail list. In step 
S232, if the information about the supplied saved mail list is acquired, the external terminal 
unit 22 will display the acquired saved mail list on a display etc., as shown in drawing 25 . 
[0209] Drawing 25 is drawing showing the example of the mailbox screen displayed on the 
display of the external terminal unit 22. 

[0210] The mailbox screen 361 which displays a list of the saved mail supplied to the WEB 
browser screen 301 currently displayed on the display of the external terminal unit 22 from 
mail client program 331A of the local server 11 is constituted. 

[0211] The reception mail selection column 362 which consists of a list of saved mail is 
constituted by the mailbox screen 361. The reception mail selection column 362 is constituted 
by unread or the item which shows the item which shows conditions, such as existing **, the 
item which shows the existence of an attached file, the item which shows the identifier of the 
addresser of an electronic mail, the item which shows the subject name of an electronic mail 
and an arrival~of~the~mail date, or a transmitting date. 

[0212] A part or all is constituted by the link among the contents currently displayed on the 
reception mail selection column 362, and the user of the external terminal unit 22 can display 
the text of the electronic mail etc. by choosing the subject name of the target electronic mail 
by operating a mouse etc. from the electronic mails currently displayed on the reception mail 
selection column 362. 

[0213] If the target mail is chosen as drawing 23 from the reception mail selection columns 
362 which return and a user show to drawing 25 , in step S233, the external terminal unit 22 
will choose the electronic mail directed to the user from the acquired preservation mail lists, 
and it will require it of mail client program 33 1A so that the electronic mail may be supplied. 
[0214] The demand from the WEB browser 341 of the external terminal unit 22 is supplied to 
mail client program 331A through the WEB server 321 and a framework 323. Mail client 
program 33 1A acquires the demand in step S256. Mail client program 33 1A which acquired 
the demand from the external terminal unit 22 performs processing corresponding to a 
demand, and supplies the demanded electronic mail to the external terminal unit 22 in step 
S257. 

[0215] In step S234, if the external terminal unit 22 acquires the supplied electronic mail, it 
will be displayed on a display etc. 



[0216] Drawing 26 is drawing showing the example of the e-mail display column displayed on 
the display of the external terminal unit 22. 

[0217] In drawing 26 , the e mail display column 371 which displays the text of an electronic 
mail etc. is displayed on the WEB browser screen 301. The date of an electronic mail, the 
addresser , the destination, the multiple address, a subject name, the information about an 
attached file, etc. are displayed on the e-mail display column 371 besides the text of an 
electronic mail. 

[0218] The user of the external terminal unit 22 can see the content of the electronic mail 
received in the local server 11 by referring to this e-mail display column 371. Thereby, a user 
becomes possible [ reading the electronic mail which mail client 33 1A of the local server 11 
currently installed in the house received also in a going-out place ]. 

[0219] Although the processing which acquires the electronic mail which mail client program 
33 1A received above in the exterior of a local-area 10 was explained The user of not only this 
but the external terminal unit 22 Create transmitting mail by the account registered for 
example, into mail client program 331A by performing processing mentioned above and same 
processing, or Various functions which mail client program 33 1A of carrying out classifying 
reception mail into a folder etc., and arranging, or changing various kinds of setting out about 
mail client program 33 1A has are controllable. 

[0220] Moreover, when not only this but an electronic mail is received, the purport which 
mail client program 331A received may be notified automatically, or you may make it. 
transmit the received mail to the external terminal unit 22, although it explained that the 
external terminal unit 22 accessed the local server 11 based on directions of a user, and the 
electronic mail which mail client program 331A received beforehand above acquired. 
[0221] In that caBe, the user sets up beforehand so that the electronic mail which mail client 
program 331A notifies that, or received to the external terminal unit 22 at the time of 
electronic mail reception may be transmitted. If advice / transfer setup key 353 the user of 
the external terminal unit 22 indicates the external terminal unit 22 to be to a display etc. 
with a mouse etc. at drawing 24 is operated, the advice / transfer list display column which 
performs setting out about advice and a transfer as shown in drawing 27 will be displayed. 
[0222] Drawing 27 is drawing showing the advice / transfer list display column currently 
displayed on the WEB browser screen. 

[0223] In drawing 27 , the advice transfer list display column 381 as which the list of setting 
out about the advice at the time of electronic mail reception or a transfer is displayed is 
displayed on the WEB browser screen 301 currently displayed on the display. 
[0224] It is already set up and the carbon button which deletes in the setting-out information 
currently displayed on the list is prepared because the additional carbon button 382 which 
displays on the WEB browser screen 301 GUI which adds setting-out information newly 
because the user other than the list of the setting-out information about the advice and the 



transfer set to the advice / transfer list display column 381 until now operates it with a mouse 
etc., and a user operate it with a mouse etc. 

[0225] By operating the additional carbon button 382 using a mouse etc., the user of the 
external terminal unit 22 can display on the WEB browser screen 301 the advice and the 
destination setting-out column which can perform setting out of advice or a transfer as shown 
in drawing 28 , and can create new setting-out information. 

[0226] Drawing 28 is drawing showing the advice and the destination setting-out column 
currently displayed on the WEB browser screen. 

[0227] In drawing 28 , the advice destination setting-out column 391 which can perform 
setting out about the advice at the time of electronic mail reception or a transfer is displayed 
on the WEB browser screen 301 currently displayed on the display. 

[0228] The data name input column 392 and user as whom a user inputs the identifier of the 
setting-out information about advice and a transfer using a mouse or a keyboard use a mouse 
etc. for advice and the destination setting-out column 391. The action selection column 393 
and user who choose the content of the processing which this setting-out information directs 
use a mouse or a keyboard. The comment input column 395 grade into which the advice and 
the destination address input column 394 which inputs the address of advice or the 
destination, and a user input the comment about this setting-out information etc. using a 
mouse or a keyboard is prepared. Moreover, when a user uses and operates a mouse etc. 
besides this, the additional carbon button which newly registers the inputted setting-out 
information may be constituted. 

[0229] Based on this advice and destination setting-out column 391, the user of the external 
terminal unit 22 can input the setting-out information about advice or a transfer, and can 
register it beforehand. 

[0230] Processing in case setting out which is made to notify at the time of reception is 
beforehand performed based on the GUI screen more than it was displayed on the WEB 
browser screen 301, as shown is explained with reference to the timing chart of drawing 29. 
[0231] If non-received mail is required in step S291 like the case where it is shown in drawing 
23 , with the time interval as which mail client program 331 A was determined beforehand, in 
step S281, a mail server acquires the demand, and when the non-reoeived mail corresponding 
to a demand exists, it will supply the non-received mail to mail client program 33 1A in step 
S282. 

[0232] In step S292, mail client program 331 A will generate the advice mail which notifies 
the new reception mail which carried out income in step S293, if the supplied electronic mail 
is acquired. 

[0233] And in step S294, mail client program 33 1A supplies the generated advice mail to the 
external terminal unit 22 through a network 21. In step S271, the external terminal unit 22 
acquires the advice mail, and displays the advice mail acquired in the e-mail display column 



371 as shown in drawing 26 on the WEB browser 301 currently displayed on the display. 
[0234] URL of the access place accessed in case the external terminal unit 22 acquires the 
reception mail corresponding to advice mail besides the message which tells the purport that 
mail client program 331A received the electronic mail in the main information about 
reception mail of the number of cases of reception mail, a subject name, or the addresser and 
a list may be contained in advice mail which the external terminal unit 22 acquired. 
[0235] Moreover, this URL may be a link, and when a user chooses this URL currently 
displayed on the browser screen 301 using a mouse etc., the external terminal unit 22 
accesses selected URL, and you may make it display corresponding reception mail. In this 
case, if the external terminal unit 22 accesses URL chosen by the user, the e-mail display 
column 371 as which corresponding reception mail was displayed as shown in drawing 26 will 
be displayed on the WEB browser screen 301 currently displayed on the display. 
[0236] At this time, a connection key which was mentioned above is contained in URL 
contained in advice mail, and the authentication processing by the authentication service 
provider 30 shown in drawing 1 can be omitted. Moreover, the identification information for 
local servers is made to be contained in URL contained in advice mail similarly, and you may 
make it alBO omit the authentication processing by the local server 11. 

[0237] By making it above, the user of the external terminal unit 22 only chooses the link of 
URL contained in the acquired advice mail using a mouse etc., can display on a display the 
mail which mail client program 331A of the local server 11 received, and can peruse it. 
[0238] In addition, the authentication service provider 30 needs to be authentication 
processed for it, and it is good conversely to also make, in case the user of the external 
terminal unit 22 peruses reception mail conversely, as a connection key is not contained in 
URL. 

[0239] Advice mail is acquired, the external terminal unit 22 displayed on the display etc. 
accesses the local server 11 in step S272 based on the acquired advice mail, and the mail 
corresponding to directions of a user is required of mail client program 33 1A. 
[0240] In step S295, mail client program 331A will supply the demanded mail to the external 
terminal unit 22 in step S296, if the demand is acquired. In step S273, the external terminal 
unit 22 acquires the supplied electronic mail, and displays the content on a display etc. 
[0241] By performing processing as mentioned above, the user of the external terminal unit 
22 can peruse the mail which mail client program 331A received from the exterior of a 
local-area 10. 

[0242] Although it explained that the external terminal unit 22 connected above through a 
network 21 at the local server 11, and mail client program 33 1A was controlled, if the 
application program which not only this but the external terminal unit 22 controls is an 
application program which the local server 11 has, it is good anything like for example, 
address manager 331B or schedule pipe ** program 331C besides mail client program 331A. 



[0243] Drawing 30 is drawing showing the example of the address book top screen displayed 
on the WEB browser screen 301. 

[0244] In drawing 30 , the address book top screen 401 which is a top screen of GUI 
corresponding to address administration server 331B is displayed on the WEB browser 
screen 301 displayed on the display. 

[0245] When the main menu screen 402 which can display on the address book top screen 401 
GUI which controls the main functions of address manager 331B when a user operates it 
using a mouse etc., and a user choose using a mouse etc., the function-selection column 403 
which is the link group on which GUI which controls various kinds of functions belonging to 
the address book function which address manager 331B offers can be displayed is contained. 
[0246] By operating various kinds of carbon buttons or links of this address book top screen 
401, a user can open an address book or can edit address information. 

[0247] The user of the external terminal unit 22 can be connected to the local server 11 
through a network 21 from the exterior of a local-area 10 as mentioned above, various kinds 
of application programs can be controlled, and, thereby, actuation of the local server 11 and 
the terminal unit 13 grade connected to LAN12 can be controlled. 

[0248] In addition, the application program of the local server 11 with the controllable 
external terminal unit 22 may be an application program which has what kind of function 
besides what was mentioned above if the application program which performs distribution, 
edit, etc. of the application program and image data which perform the image transcription 
and playback of a television signal, the application program which performs the sound 
recording and playback of music data are application programs carried in the framework 323 
shown in drawing 18 . 

[0249] Although it explained that the external terminal unit 22 connected above at the local 
server 11, and various kinds of application programs were controlled, also when a portable 
telephone 23 connects with the local server 11 and it controls various kinds of application 
programs, the same processing as the case where it mentions above is performed. 
[0250] Moreover, you may be PDA (Personal Digital Assistance) which has the 
communication facility other than the external terminal units 22, such as a personal 
computer mentioned above, and a portable telephone 23 as a terminal unit of the exterior of a 
local-area 10. 

[0251] Although the local server 11 and terminal unit 13 which constitute the network 
system shown above at drawing 1 , the external terminal unit 22, the portable telephone 23, 
the connection management server 31, the address administration server 32, and the 
authentication server 33 explained that it consisted of one set at a time, respectively, they 
may be constituted by not only this but two or more sets. Moreover, although constituted as 
another object, as for each server and each equipment which were installed in the 
authentication service provider 30, the whole service or its part may be unified, respectively. 



[0252] In addition, a system expresses above the whole equipment constituted by two or more 
equipments. 

[0253] Although a series of processings mentioned above can also be performed by hardware, 
they can also be performed with software. When performing a series of processings with 
software, the program which constitutes the software is installed in a general-purpose 
personal computer etc. from a network or a record medium possible [ performing various 
kinds of functions ] by installing the computer built into the hardware of dedication, or 
various kinds of programs. 

[0254] Apart from the body of equipment, this record medium is distributed in order to 
provide a user with a program. The magnetic disk with which the program is recorded (a 
floppy disk is included), an optical disk (CD-ROM (Compact Disk-Read Only Memory) --) 
DVD (Digital Versatile Disk) is included. It consists of ROMs with which it is not only 
constituted by the package media which consist of a magneto-optic disk (MD (Mini-Disk) is 
included) or semiconductor memory, but a user is provided in the condition of having been 
beforehand included in the body of equipment and on which the program is recorded. 
[0255] In addition, in this description, even if the processing serially performed in accordance 
with the sequence that the step which describes the program recorded on a record medium 
was indicated is not of course necessarily processed serially, it is a juxtaposition thing also 
including the processing performed according to an individual. 
[0256] 

[Effect of the Invention) As mentioned above, according to the network system of this 
invention, it can communicate safely more. 

[0257] According to the program, it can communicate with other information processors 
safely more at the 1st information processor of this invention and an approach, a record 
medium, and a list. 

[0258] According to the program, the communication link between other information 
processors is easily manageable in the 2nd information processor of this invention and an 
approach, a record medium, and a list. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is drawing showing the example of a configuration of the network system 
which applied this invention. 

[Drawing 2] It is the block diagram showing the example of a configuration of a local server 
shown in drawing 1 . 

[Drawing 31 It is the block diagram showing the example of a configuration of the external 



terminal unit shown in drawing 1 . 

[Drawing 41 It is the block diagram showing the example of a configuration of a connection 
management server shown in drawing 1 . 

[Drawing 51 It is drawing showing the example of a configuration of a address administration 
server shown in drawing 1 . 

[Drawing 61 It is a flow chart explaining the local server information registration processing 
by the local server shown in drawing 1 . 

[Drawing 71 It is a flow chart explaining the local server information registration processing 
by the address administration server shown in drawing 1 . 

[Drawing 81 It is drawing showing the example of the appearance of a setting-out screen 
which performs setting out about a connection key. 

[Drawing 91 It is drawing showing other examples of the appearance of a setting-out screen 
which performs setting out about a connection key. 

[Drawing 10] It is a flow chart explaining the local server information update process by the 
local server shown in drawing 1 . 

[Drawing 111 It is a flow chart explaining the local server information update prooess by the 
address administration server shown in drawing 1 . 

[Drawing 12] It is a timing chart explaining the processing which logs in to a local server 
from an external terminal unit. 

[Drawing 13] It is drawing showing the example of a log in screen. 
[Drawing 14] It is drawing showing the example of a local server list screen. 
[Drawing 15l It is drawing showing the example of a log in screen. 
[Drawing 16] It is drawing showing the example of an error screen. 

[Drawing 17] It is a flow chart explaining the access-control processing by the connection 
management server. 

[Drawing 18] It is drawing Bhowing the situation of an application program. 

[Drawing 19] It is a timing chart explaining the communications processing by the local 

server and the external terminal unit. 

[Drawing 20] It is drawing showing the example of the demand information formed into the 
XML document by the framework. 

[Drawing 2ll It is drawing showing the example of the response indication supplied to a 
framework. 

[Drawing 22] It is a flow chart explaining the application program management processing 
by the framework. 

[Drawing 23] It is a timing chart explaining the processing in the case of referring to the 
electronic mail which the local server received from the exterior of a local- area. 
[Drawing 24] It is drawing showing the example of a mail client top screen. 
[Drawing 25] It is drawing showing the example of a mailbox screen. 



[Drawing 26] It is drawing showing the example of the e-mail display column. 
[Drawing 27] It ie drawing showing the advice / transfer list display column. 
[Drawing 281 It is drawing showing advice and the destination setting-out column. 
[Drawing 29] It is a timing chart explaining processing in case setting out which is made to 
notify at the time of reception is performed beforehand. 

[Drawing 30l It is drawing showing the example of an address book top screen. 
[Description of Notations] 

11 Local Server 12 LAN, 13 Terminal unit 21 A network, 22 External terminal unit 23 A 
portable telephone, 24 Base station 30 authentication service provider, 31 Connection 
management server 32 Address administration server 33 Authentication server 321 WEB 
server 322 SSL 323 Framework 324 WEB contents 325 JAVA (trademark) related module 
331A Mail client program 331B address manager 331C Schedule pipe ** program 331D 
Application program 



